<?php
$uid=isset($_COOKIE["UID"])?$_COOKIE["UID"]:"";
$keyword=htmlentities(isset($_POST["keyword"])?$_POST["keyword"]:"",ENT_QUOTES);
?>

<form action=search.php method=POST><table width="357" border="1">
  <tr>
    <th colspan="3" scope="col">Search Projects</th>
  </tr>
  <tr>
    <th width="91" scope="row">Keyword</th>
    <td width="168"><input type="text" name="keyword" id="keyword" value="<?php echo $keyword;?>"/></td>
    <td width="76"><input type="submit" name="button5" id="button5" /></td>
  </tr>
</table>
</form>

<p>&nbsp;</p>
<table width="200" border="1">
  <tr>
    <th colspan="8" scope="col"> Projects Found</th>
  </tr>
  <tr>
    <th scope="row">ID</th>
    <td>Creator</td>
    <td>Name</td>
    <td>Company</td>
    <td>ReleaseTime</td>
    <td>ExpiredTime</td>
    <td>Email</td>
    <td>Description</td>
  </tr>
<?php

if($uid!="")
{
   if($keyword=="")
   {
      echo "<tr><td colspan=8>Please input the keyword to search.</td></tr>";exit;
   }

   include "mysql.inc.php";
   include "user.inc.php";

   $m=new CMySQL($dbserver,$dbuser,$dbpsd,$dbname);

   $sql="select a.NAME,b.PNAME,b.COMPANY,b.RTIME,b.ETIME,b.CEMAIL,b.MEMO from user a,projects b where a.UID=b.UID and PNAME like '%$keyword%'";

   $prj=$m->DoQuery($sql);
   $pc=count($prj);
   if($pc==0) echo "<tr><td colspan=8>NO PROJECTS FOUND!</td></tr>";
   else
   {
      for($i=0;$i<$pc;$i++)
      {
?>
 <tr>
    <td><?php echo ($i+1);?></td>
    <td><?php echo $prj[$i]["NAME"];?></td>
    <td><?php echo $prj[$i]["PNAME"];?></td>
    <td><?php echo $prj[$i]["COMPANY"];?></td>
    <td><?php echo $prj[$i]["RTIME"];?></td>
    <td><?php echo $prj[$i]["ETIME"];?></td>
    <td><?php echo $prj[$i]["CEMAIL"];?></td>
    <td><?php echo $prj[$i]["MEMO"];?></td>
  </tr>

<?php
      }       
   }

}
else header("Location:login.php");
?>
</table>